class AuthController < ApplicationController
  def login
    session[:user_id] = nil 
      if request.post? 
        user = User.authenticate(params[:loginid], params[:password]) 
        if user 
          session[:user_id] = user.id 
          redirect_to(:action => user.id, :controller => "users") 
        else 
          flash.now[:notice] = "Invalid user/password combination" 
        end 
    end 
  end

  def logout
    session[:user_id] = nil 
    flash[:notice] = "Logged out" 
    redirect_to(:action => "login") 
  end

  def index
  end

end
